The advent of virtual assistants has caused a steady increase in the number of customers using voice as a primary medium to interact with organizations. One challenge that organizations constantly face is how to efficiently and effectively validate the identity of a user talking to the virtual assistant. Prior solutions have hinged on analyzing a user's voice, extracting a voice print and comparing it to a stored sample. However, in many scenarios, this approach may not be sufficient to prevent a malicious user from circumventing the system, e.g., by playing a voice recording of the victim to gain access to the system. As a result, voice-enabled applications are often limited to providing public information that does not require authenticating the user, for example stock quotes and news headlines.
With increased usage of voice-enabled digital assistants, it would be desirable for financial transactions to be executed through voice commands from the user's living room. Such interactions would not only be very convenient for a single user, but would enable the voice enabled digital assistant to interact with multiple users, e.g., as part of a planning session occurring in real time conversation. However, from the standpoint of an organization handling sensitive data (e.g., a financial institution), such zero-user interface (“zero-UI”) interaction requires robust authentication, extremely secure channels of communication, and effective threat and fraud prevention mechanisms. Biometrics provide one of the most accurate, robust and scalable authentication mechanisms, offering at least the following advantages: (i) they are unique to specific people; (ii) they are static or substantially static over time; (iii) they do not need to be remembered; (iv) they can be collected non-intrusively (e.g., reading a face print, fingerprint, or iris print; recording a voice print; etc.).